package com.aishua.fire.config.jwtsecurity;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;  
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
import org.springframework.stereotype.Component;

import com.aishua.fire.config.jwtsecurity.login.JWTAuthenticationFilter;
import com.aishua.fire.config.jwtsecurity.res.MyFilterSecurityInterceptor;

import lombok.extern.slf4j.Slf4j;  
  
/** 
 * SpringSecurity的配置 
 * 通过SpringSecurity的配置，将JWTLoginFilter，JWTAuthenticationFilter组合在一起 
 * @author zhaoxinguo on 2017/9/13. 
 */  
@Configuration  
@EnableWebSecurity 
//@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
//@Configuration  
@Slf4j
@Component
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {  
  
	 @Value("${project.imgreq.rootPath}")
	 private String mImagesReqPath;
//	@Autowired
//	@Qualifier("customUserDetailService")
//    private UserDetailsService userDetailsService;  
  
    //private BCryptPasswordEncoder bCryptPasswordEncoder;  
  
//    public WebSecurityConfig(UserDetailsService userDetailsService, BCryptPasswordEncoder bCryptPasswordEncoder) {  
//        this.userDetailsService = userDetailsService;  
//        this.bCryptPasswordEncoder = bCryptPasswordEncoder;  
//    }  
  
	@Autowired  
    private MyFilterSecurityInterceptor myFilterSecurityInterceptor; 
	
    @Override  
    protected void configure(HttpSecurity http) throws Exception { 
    	log.info("WebSecurityConfig.configure方法进来了");
        http.cors().and().csrf().disable()
        		.authorizeRequests()
				.antMatchers(HttpMethod.GET, "/v2/api-docs").permitAll()
				.antMatchers(HttpMethod.GET, "/getLoginCode").permitAll()
				.antMatchers(HttpMethod.POST, "/login").permitAll()
				.antMatchers(HttpMethod.POST, "/signup").permitAll()
//				.antMatchers(HttpMethod.GET, "/images/*").permitAll()
                .anyRequest().authenticated()  
                .and()
                .addFilter(new JWTAuthenticationFilter(authenticationManager()))
		        //在适当的地方加入
		        .addFilterAfter(myFilterSecurityInterceptor, FilterSecurityInterceptor.class);
//        		http.addFilterBefore(myFilterSecurityInterceptor, FilterSecurityInterceptor.class);//TODO--认证测试时使用
    }  
  
   /* @Override  
    public void configure(AuthenticationManagerBuilder auth) throws Exception { 
        auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder);  
    }*/  
  
    @Override
    public void configure(WebSecurity web) throws Exception {
    	//解决静态资源被拦截的问题
        web.ignoring().antMatchers(mImagesReqPath+"**","/dist/**");
    }
    
}